[expert] problems with pppd
More precise than my earlier post... My ISP uses CHAP auth for its dialup. I have the trace of my connection below - what is going wrong? Thanks, tom Aug 2 23:51:29 lyra pppd[4792]: pppd 2.4.0 started by root, uid 0 Aug 2 23:51:52 lyra pppd[4792]: Serial connection established. Aug 2 23:51:52 lyra pppd[4792]: using channel 7 Aug 2 23:51:52 lyra pppd[4792]: Using interface ppp0 Aug 2 23:51:52 lyra pppd[4792]: Connect: ppp0 -- /dev/ttyS1 Aug 2 23:51:53 lyra pppd[4792]: sent [LCP ConfReq id=0x1 asyncmap 0x0 magic 0x5e52c5eb pcomp accomp] Aug 2 23:51:53 lyra pppd[4792]: rcvd [LCP ConfReq id=0x0] Aug 2 23:51:53 lyra pppd[4792]: sent [LCP ConfAck id=0x0] Aug 2 23:51:54 lyra pppd[4792]: rcvd [LCP TermAck id=0x0] Aug 2 23:51:55 lyra pppd[4792]: rcvd [LCP ConfReq id=0x44 asyncmap 0xa auth chap MD5 magic 0x5ecb3bc1 pcomp accomp mrru 1524 endpoint [local:42.54.4d.44.49.50]] Aug 2 23:51:55 lyra pppd[4792]: sent [LCP ConfRej id=0x44 mrru 1524] Aug 2 23:51:56 lyra pppd[4792]: rcvd [LCP ConfReq id=0x45 asyncmap 0xa auth chap MD5 magic 0x5ecb3bc1 pcomp accomp endpoint [local:42.54.4d.44.49.50]] Aug 2 23:51:56 lyra pppd[4792]: sent [LCP ConfAck id=0x45 asyncmap 0xa auth chap MD5 magic 0x5ecb3bc1 pcomp accomp endpoint [local:42.54.4d.44.49.50]] Aug 2 23:51:56 lyra pppd[4792]: sent [LCP ConfReq id=0x1 asyncmap 0x0 magic 0x5e52c5eb pcomp accomp] Aug 2 23:51:56 lyra pppd[4792]: rcvd [LCP ConfAck id=0x1 asyncmap 0x0 magic 0x5e52c5eb pcomp accomp] Aug 2 23:51:56 lyra pppd[4792]: rcvd [CHAP Challenge id=0x6d f79a4ce9be413ee0e0c032b2cb5e03ed, name = BTMDIP] Aug 2 23:51:56 lyra pppd[4792]: sent [CHAP Response id=0x6d 376a25c85033e54e797e9dfa0ec7f804, name = [EMAIL PROTECTED]] Aug 2 23:52:09 lyra last message repeated 4 times Aug 2 23:52:09 lyra pppd[4792]: rcvd [CHAP Success id=0x6d ] Aug 2 23:52:09 lyra pppd[4792]: sent [IPCP ConfReq id=0x1 addr 0.0.0.0 compress VJ 0f 01] Aug 2 23:52:09 lyra pppd[4792]: sent [CCP ConfReq id=0x1 deflate 15 deflate(old#) 15 bsd v1 15] Aug 2 23:52:09 lyra pppd[4792]: rcvd [CHAP Success id=0x6d ] Aug 2 23:52:09 lyra pppd[4792]: rcvd [IPCP ConfReq id=0x99 compress VJ 0f 00 addr 213.120.208.201] Aug 2 23:52:09 lyra pppd[4792]: sent [IPCP ConfAck id=0x99 compress VJ 0f 00 addr 213.120.208.201] Aug 2 23:52:09 lyra pppd[4792]: rcvd [IPCP ConfNak id=0x1 addr 217.32.145.59] Aug 2 23:52:09 lyra pppd[4792]: sent [IPCP ConfReq id=0x2 addr 217.32.145.59 compress VJ 0f 01] Aug 2 23:52:09 lyra pppd[4792]: rcvd [LCP ProtRej id=0x46 80 fd 01 01 00 0f 1a 04 78 00 18 04 78 00 15 03 2f] Aug 2 23:52:09 lyra pppd[4792]: rcvd [IPCP ConfAck id=0x2 addr 217.32.145.59 compress VJ 0f 01] Aug 2 23:52:09 lyra pppd[4792]: local IP address 217.32.145.59 Aug 2 23:52:09 lyra pppd[4792]: remote IP address 213.120.208.201 Aug 2 23:52:09 lyra pppd[4792]: Script /etc/ppp/ip-up started (pid 4844) Aug 2 23:52:09 lyra pppd[4792]: Script /etc/ppp/ip-up finished (pid 4844), status = 0x0 Aug 2 23:52:51 lyra pppd[4792]: Terminating on signal 15. Aug 2 23:52:51 lyra pppd[4792]: Script /etc/ppp/ip-down started (pid 4853) Aug 2 23:52:51 lyra pppd[4792]: sent [LCP TermReq id=0x2 User request] Aug 2 23:52:52 lyra pppd[4792]: Script /etc/ppp/ip-down finished (pid 4853), status = 0x0 Aug 2 23:52:52 lyra pppd[4792]: rcvd [LCP TermAck id=0x2] Aug 2 23:52:52 lyra pppd[4792]: Connection terminated. Aug 2 23:52:52 lyra pppd[4792]: Connect time 1.0 minutes. Aug 2 23:52:52 lyra pppd[4792]: Sent 2607 bytes, received 5036 bytes. Aug 2 23:52:52 lyra pppd[4792]: Hangup (SIGHUP) Aug 2 23:52:52 lyra pppd[4792]: Exit.
[expert] panicking over xfdrake
When I try to use XFdrake it freezes at 'Preparing X-Window configuration'. The freeze is complete and can't be exited using Alt-SysReq. I have ended up restarting the machine umpteen times because of this bloody thing. I've been syncing before typing 'XFdrake', but even so this cannot be good for my filesystem. HELP. I have a major deadline tomorrow and this has had me completely stumped for a day - this could not come at a worse time. I've tried XFdrake -expert -noauto Same problem. It appears to be hanging when it tries to autodetect the card. The card is an S3 Trio 64V+. Thanks, Tom
Re: [expert] XFdrake freezes -- PLEASE help!
Thanks for the reply David, I may well try that. At the moment I've reinstalled all that I can see of X, also drakxtools and drakxtools-newt, and all of KDE. I used rpm -ivh name --force. I still can't get XFdrake to work, which is weird because it did before. The freeze appears to take place at the card detection stage. Adding the -expert and -noauto options makes no difference. At the moment I am running fvwm from my own .xinitrc file. The whole thing was put together using xf86config and a bit of hand-editing of XF86Config. I can't get things to telinit 5 properly and KDE doesn't work. I am confused as to how I have managed to fsck things up this way... The nice thing about Linux is that I'm fairly sure that it's me that's messed up somewhere, I've just got to find out how! Tom On Wed, Jul 11, 2001 at 02:00:40PM -0600, David Joham wrote: What about downloading XConfigurator for RedHat and trying that? I'm coming in late to this conversation so apologies if this has already been suggested. -Original Message- From: Tom Strickland [mailto:[EMAIL PROTECTED]] Sent: Wednesday, July 11, 2001 4:34 AM To: expert-mandrake Subject: Re: [expert] XFdrake freezes -- PLEASE help! On Tue, Jul 10, 2001 at 08:00:42PM +, Tom Strickland wrote: I recently transferred my hard drives to a friend's machine to help him sort a problem out. I had to reconfigure X to get things moving. When I came home and tried to reconfigure X, I found that XFdrake completely freezes. What gives? I've done it enough times before. This is a total freeze - I can't change terminals or the caps lock light and I have to hard-reset. What am I doing wrong? I just can't work this out. The freeze is total - I can't even break out using Alt-SysReq. I've completely reinstalled X from rpms and I'm still stumped. BTW - what happened to Xconfigurator? It would be nice if I still had it as a 2nd option, but now it links to XFdrake.
[expert] XFdrake freezes -- help!
I recently transferred my hard drives to a friend's machine to help him sort a problem out. I had to reconfigure X to get things moving. When I came home and tried to reconfigure X, I found that XFdrake completely freezes. What gives? I've done it enough times before. This is a total freeze - I can't change terminals or the caps lock light and I have to hard-reset. What am I doing wrong? Thanks, Tom
[expert] what patches are applied to mdk kernels?
I'd like to download more recent kernels and patch them up to be the equivalent of an update to the Mandrake-supplied kernels. Where can I find a patch list? Hopefully I've missed it and it's somewhere in the distribution. Thanks, tom
Re: [expert] what patches are applied to mdk kernels?
On Tue, Jul 03, 2001 at 02:17:48PM +0200, Laurent CREPET wrote: On Tue, Jul 03, 2001 at 10:56:42AM +, Tom Strickland wrote: I'd like to download more recent kernels and patch them up to be the equivalent of an update to the Mandrake-supplied kernels. Where can I find a patch list? Hopefully I've missed it and it's somewhere in the distribution. You can install the SRPM of the kernel, and look included patches and drives. Look at the kernel-2.4.spec file. Ah - thanks. Of course, I'll have to download the SRPM, which is not very small (phone bill). I suppose I could buy a copy of the source CD... Even so, it would be nice to have a list of the patches on the binaries CD so that we can patch a new copy of the kernel ourselves. thanks again, Tom
Re: [expert] hostname questions (again)
On Fri, Jun 29, 2001 at 09:17:00AM +0200, Andreas Grytz wrote: Hi Tom, Postfix con rewrite the sender field of all outgoing mail, but it's much work, if you have many users to administrate. add sender_canonical_maps = hash:/etc/postfix/sender_canonical to your postfix main.cf touch /etc/postfix/sender_canonical (vi|emacs) $_ The format is like this [EMAIL PROTECTED] [EMAIL PROTECTED] do /usr/sbinpostmap /etc/postfix/sender_canonical /usr/sbin/postfix reload Hmmm - sounds great for my home machine, but not so great for the charity. The idea is to set up a minimum administration system so that an administrator is only needed to check the logs periodically and patch the system. Backup, user admin, mail - nearly everything else needs to be admin'd by the secretary. This is one area where Win NT still manages to do a little better, but I'm not letting that back on our server. If we're delivering our mail as coming from ourcharity.org.uk and it's being relayed through our ISP's SMTP server (BT), wouldn't it get blocked at some point by spam filters? Thanks, Tom On Thu, Jun 28, 2001 at 05:07:07PM +, Tom Strickland wrote: On Thu, Jun 28, 2001 at 07:33:38AM -0700, Rusty Carruth wrote: Tom Strickland [EMAIL PROTECTED] wrote: Our server is about to be connected to the Internet through a dialup modem. Naive question: Is it OK to give our network/server any old domain name? To the outside world we will be the domain set by our ISP, but can I set the domain in our LAN to something like smith.jones? It may work, it may not. A lot depends upon how you set up your mail. Thanks. That's what I thought. Running postfix as SMTP, fetchmail to hit POP boxes at the ISP. If you try to send mail to your ISP from [EMAIL PROTECTED], and your isp is jones.smith, then your isp will most likely deny you the relay that it thinks you are asking for when you try to send email to anyone outside the jones.smith (and possibly smith.jones) domain(s). If, however, you send email directly from your smith.jones side then you might (should?) be ok. (But beware - strange things may happen on INCOMING email ;-) We'll be using a domain along the lines of ourcharity.org.uk anyway (got to buy the domain), with mail forwarding, so we'll have to get around similar problems. We'll have mail to: our ISP's accounts our purchased domain the local hostname - deliberately totally different from the other 2 domains. ... all of which must be dealt with by Postfix. I assume that it can cope. I'm also worried about zealous spam filters on mailing lists detecting an untraceable mailer - that shouldn't be a problem should it? I had a setup like that for a while - I was descomp.phx.inficad.com AND descomp.com for a long time, and it worked fine as long as I sent email directly out from my descomp.com domain (i.e. I ran postfix on descomp.com and IT was a 'smart mailer' (in the old sendmail terminology :-) So it can work fine. It helps if you set your mailer to accept mail for BOTH domains.
Re: [expert] hostname questions (again)
On Fri, Jun 29, 2001 at 05:08:13PM +0800, Franki wrote: you should check out if that is available in webmin, I know it is for Sendmail, so I wounldn't be surprised if it was for Postfix as well. Sorry, just to be clear: I take it you're referring to the ease with which you can admin the MDA from Webmin? Thanks - I was going to use Webmin anyway, but I would still like to keep the number of steps to set up a new user down to a minimum. I should have been more clear in my last posting: my main question was: If we're delivering our mail as coming from ourcharity.org.uk and it's being relayed through BT's (our new ISP) SMTP server, wouldn't it get blocked at some point by spam filters (e.g. on mailing lists, people's home machines)? Or have I misunderstood something? Thanks, Tom -Original Message- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Tom Strickland Sent: Friday, 29 June 2001 5:51 PM To: expert-mandrake Subject: Re: [expert] hostname questions (again) On Fri, Jun 29, 2001 at 09:17:00AM +0200, Andreas Grytz wrote: Hi Tom, Postfix con rewrite the sender field of all outgoing mail, but it's much work, if you have many users to administrate. add sender_canonical_maps = hash:/etc/postfix/sender_canonical to your postfix main.cf touch /etc/postfix/sender_canonical (vi|emacs) $_ The format is like this [EMAIL PROTECTED] [EMAIL PROTECTED] do /usr/sbinpostmap /etc/postfix/sender_canonical /usr/sbin/postfix reload Hmmm - sounds great for my home machine, but not so great for the charity. The idea is to set up a minimum administration system so that an administrator is only needed to check the logs periodically and patch the system. Backup, user admin, mail - nearly everything else needs to be admin'd by the secretary. This is one area where Win NT still manages to do a little better, but I'm not letting that back on our server. If we're delivering our mail as coming from ourcharity.org.uk and it's being relayed through our ISP's SMTP server (BT), wouldn't it get blocked at some point by spam filters? Thanks, Tom On Thu, Jun 28, 2001 at 05:07:07PM +, Tom Strickland wrote: On Thu, Jun 28, 2001 at 07:33:38AM -0700, Rusty Carruth wrote: Tom Strickland [EMAIL PROTECTED] wrote: Our server is about to be connected to the Internet through a dialup modem. Naive question: Is it OK to give our network/server any old domain name? To the outside world we will be the domain set by our ISP, but can I set the domain in our LAN to something like smith.jones? It may work, it may not. A lot depends upon how you set up your mail. Thanks. That's what I thought. Running postfix as SMTP, fetchmail to hit POP boxes at the ISP. If you try to send mail to your ISP from [EMAIL PROTECTED], and your isp is jones.smith, then your isp will most likely deny you the relay that it thinks you are asking for when you try to send email to anyone outside the jones.smith (and possibly smith.jones) domain(s). If, however, you send email directly from your smith.jones side then you might (should?) be ok. (But beware - strange things may happen on INCOMING email ;-) We'll be using a domain along the lines of ourcharity.org.uk anyway (got to buy the domain), with mail forwarding, so we'll have to get around similar problems. We'll have mail to: our ISP's accounts our purchased domain the local hostname - deliberately totally different from the other 2 domains. ... all of which must be dealt with by Postfix. I assume that it can cope. I'm also worried about zealous spam filters on mailing lists detecting an untraceable mailer - that shouldn't be a problem should it? I had a setup like that for a while - I was descomp.phx.inficad.com AND descomp.com for a long time, and it worked fine as long as I sent email directly out from my descomp.com domain (i.e. I ran postfix on descomp.com and IT was a 'smart mailer' (in the old sendmail terminology :-) So it can work fine. It helps if you set your mailer to accept mail for BOTH domains.
Re: [expert] hostname questions (again)
Thank you Rusty! On Fri, Jun 29, 2001 at 08:00:57AM -0700, Rusty Carruth wrote: Tom Strickland [EMAIL PROTECTED] wrote: ... I should have been more clear in my last posting: my main question was: If we're delivering our mail as coming from ourcharity.org.uk and it's being relayed through BT's (our new ISP) SMTP server, wouldn't it get blocked at some point by spam filters (e.g. on mailing lists, people's home machines)? Or have I misunderstood something? All *correctly configured* (see notes 1 and 2) ISPs these days have their smtp servers set up to not relay mail. What does this mean? It means that, if you connect to the smtp server (port 25) on their machine then either you are from their domain or not. If you are inside their domain(s) then you can send anywhere; if you are NOT from inside their domain(s) then you can only send to recipients inside their domain(s) (see note 3). Huh? Well, if you connect to your isp (say, thatisp.uk), and tell them you are ourcharity.org.uk then you are not sending from inside their domain (probably - it depends upon exactly how they check your inside-ness!), and thus you will only be able to send email to recipients whose email addresses end in 'thatisp.uk' - probably not too useful. (See note 4) Well, currently I'm with Demon, who use POP-before-SMTP to do auth. I don't know about our new ISP: I've had BT forced on me - I hope they're as good as Demon. However, if your firewall (or whatever) is set up as a 'smart smtp server' (again, terminology from the 'old days' ;-), then everyone inside ourcharity.org.uk would send email using THAT machine (which would perform that relay test and see that you are sending email from INSIDE ourcharity.org.uk and thus allow it). The 'smart smtp server' would then send that email directly to the recipient machine, bypassing your ISP's smtp server entirely. (Again, this is how I have mine set up, and it works fine.) (Alternatively, you can just have the client machines send directly to the recipient, but that's usually a quite a bit more of a hassle). This is exactly what I had in mind. Once kernel 2.4 is sufficiently stable we'll have a full-blown application firewall using port redirection for ports 25 and 80 to Postfix and a web-proxy. No connection to the net without authentication and (if I can get it right) a lock-down on everything else. This will also allow us to virus-scan all mail traffic in both directions. Your othe email was very helpful too - more comments there. Thanks, Tom
Re: [expert] hostname questions (again)
On Fri, Jun 29, 2001 at 08:17:10AM -0700, Rusty Carruth wrote: Tom Strickland [EMAIL PROTECTED] wrote: Hmmm - sounds great for my home machine, but not so great for the charity. The idea is to set up a minimum administration system so that an administrator is only needed to check the logs periodically and patch the system. Backup, user admin, mail - nearly everything else needs to be admin'd by the secretary. This is one area where Win NT still manages to do a little better, but I'm not letting that back on our server. I was originally not going to send this to the entire list until I realized that someone may know of other differences than I have thought of. On the admin side: 1 - You may want to set up sudo scripts to perform tasks like adding users and so forth. On my todo list, certainly. 2 - Think about who you really want to handle bounce messages (ok, I suppose this is more of a problem for smart smtp servers, but not much more, as people would be getting bounce messages anyway, its just that the ADMIN can get them too if you are the smart smtp server) Yes - this is part of my (growing) todo list. One person gets all bounces and re-routes them if necessary. A list of rules needs to be written so as to decide what to do with various bounces. 3 - Same goes for other admin email - I assume you all are training the secretary which ones can be filed and which need 'professional help' ? Yes - the secretary and information officer will share the admin roles with clear divisions of responsibility. 4 - What part of backup is going to be admin'd by the secretary? I'd think you'd set it up so that they just have to change tapes? (And perhaps add or remove items from the 'things to back up' list) Brief: mainly changing the tapes. Longer: To make things simple a full backup will be done every night (working days). Training will be given in simple file recovery. We're currently deciding between Amanda and Arkeia. If I can help it, I'd prefer Amanda. One large tar or dump to tape seems more recoverable in the event of mild corruption than Arkeia's propietary format. OTOH, Arkeia has a pretty front-end that is more friendly to non-techies. 5 - Same for user admin - I assume you just mean being able to add and remove users? I've never needed this, but I suggest sudo (e.g. to allow the secretary to run 'useradd' or 'adduser') (You may not want this on your firewall!) Since we're a small-ish branch (of the national charity MIND) we've just got the one computer for firewall, internet gateway, Samba, web, mail, database and backup. Fun. Some phrase containing the words 'egg' and 'basket' is hovering at the edge of my mind, but I can't quite make it out :-) So far the budget hasn't even stretched to RAID and we've only just bought the tape drive - I had to waive my costs to afford a nicer model: DDS4 - if only we could have stretched to DLT. Anyway, I'm going to use sudo for this. If I could just unify all the password schemes... We'll be using wwwoffle (dialup http proxy) but I'd consider changing to Squid if Squid's auth uses PAM. wwwoffle stores passwords in the clear in its conf file. Not good. 6 - Again, same for mail admin. Are you thinking just for adding and removing mail users? Or do you have a mailing list (or more)? An awful lot can be done with scripts (shell, perl, awk, sed, whatever ;-) that you allow certain folks (i.e. the secretary) to run using sudo. Thankfully, no mailing lists at the moment. We just need to add/remove users. To be honest, if I can get the scripts right and write the docs in time, I'd like to dump Webmin on the principle that I wouldn't need it and it's just one more network vulnerability. But in any case, consider whether you want your mail server to also be your firewall (I actually am beginning to think that I hope its not ;-), and whether the accounts need to actually be ON the mail machine (so the mail 'lands' there) or on the user's machines (so that the mail 'pauses' on your mail machine but 'lands' on each user's machine - this is probably NOT what you want, but I thought i'd mention it anyway). Here's the plan: use Postfix for MDA and Cyrus IMAP. Both provide SASL facilities to authenticate users so I can authenticate incoming and outgoing mail. IMAP's important - I try to force users to store everything on the server. It's more secure and easier to backup If anything goes wrong, it's usually been one of the Windows machines and they're not the most secure place for confidential docs anyway! When I changed the My Documents link to point to H: (home share) and told staff that from now on their computer could be wiped with little or no notice, everything started getting kept on the server. If I keep mail on the server too, then that's a security worry and a backup worry gone
[expert] hostname questions (again)
Our server is about to be connected to the Internet through a dialup modem. Naive question: Is it OK to give our network/server any old domain name? To the outside world we will be the domain set by our ISP, but can I set the domain in our LAN to something like smith.jones? Thanks, Tom
Re: [expert] hostname questions (again)
On Thu, Jun 28, 2001 at 07:33:38AM -0700, Rusty Carruth wrote: Tom Strickland [EMAIL PROTECTED] wrote: Our server is about to be connected to the Internet through a dialup modem. Naive question: Is it OK to give our network/server any old domain name? To the outside world we will be the domain set by our ISP, but can I set the domain in our LAN to something like smith.jones? It may work, it may not. A lot depends upon how you set up your mail. Thanks. That's what I thought. Running postfix as SMTP, fetchmail to hit POP boxes at the ISP. If you try to send mail to your ISP from [EMAIL PROTECTED], and your isp is jones.smith, then your isp will most likely deny you the relay that it thinks you are asking for when you try to send email to anyone outside the jones.smith (and possibly smith.jones) domain(s). If, however, you send email directly from your smith.jones side then you might (should?) be ok. (But beware - strange things may happen on INCOMING email ;-) We'll be using a domain along the lines of ourcharity.org.uk anyway (got to buy the domain), with mail forwarding, so we'll have to get around similar problems. We'll have mail to: our ISP's accounts our purchased domain the local hostname - deliberately totally different from the other 2 domains. ... all of which must be dealt with by Postfix. I assume that it can cope. I'm also worried about zealous spam filters on mailing lists detecting an untraceable mailer - that shouldn't be a problem should it? I had a setup like that for a while - I was descomp.phx.inficad.com AND descomp.com for a long time, and it worked fine as long as I sent email directly out from my descomp.com domain (i.e. I ran postfix on descomp.com and IT was a 'smart mailer' (in the old sendmail terminology :-) So it can work fine. It helps if you set your mailer to accept mail for BOTH domains.
[expert] hostname questions
I am about to re-configure a simple Class C network of Win98 machines/Linux server to give the Win machines access to the internet. I'll be using Postfix as a collection/relay point to relay mail through the ISP's SMTP server when we go online. I just want to check a few details on hostname: Is it OK to give our network/server any old domain name? To the outside world we will be the domain set by our ISP, but can I set the domain in our LAN to something like smith.jones? Thanks, Tom
[expert] test
ping!
[expert] test
Re: [expert] syslog playing up
Matthias, Chris: Thanks for the suggestions. I have found the solutions to both. The first is simple and is going to make me look very stupid. I deserve it and must be punished. The second has had me stumped for a while... On Mon, Mar 05, 2001 at 10:17:51AM +, Tom Strickland wrote: Another problem: Recently the computer started freezing at startup unless I did the following: 1) start as single user 2) start syslog: # /etc/rc.d/init.d/syslog start 3) carry on the startup (ctrl-d) logrotate isn't working either - it complains: # logrotate /etc/logrotate.conf error: syslog:211 duplicate log entry for /var/log/syslog The two problems may be separate - logrotate hasn't been working for a while. Problem 1: syslog was disabled. I must have slipped up somewhere and switched it off and then been too stupid and too quick posting to the list to fix it myself. Problem 2: logrotate problems. I thought that it meant 'duplicate entries inside the log file for syslog'. Wrong - it means that the /etc/logrotate.d/syslog file contains duplicate entries for rotating /var/log/syslog like so: # WARNING : don't use * wildcard as extension # (glob in logrotate will try to rotate all files instead of # only the basenames of the logs, i.e. it will rotate # already rotated files and recompress them, taking # exponential time...) /var/log/auth.log { rotate 5 weekly postrotate /usr/bin/killall -HUP syslogd endscript } /var/log/syslog { rotate 5 weekly postrotate /usr/bin/killall -HUP syslogd endscript } /var/log/user.log { [snip] ... #/var/log/syslog { # #postrotate #/usr/bin/killall -HUP syslogd #endscript # #} ... commenting out the second entry solved the error. My syslog file has been getting alarmingly large as it hadn't rotated since late november. I have no idea what caused this, as I've never touched this file. Useful though - now I've had to learn about log rotation rather than just assume it works. tom
[expert] kdesu or drakConf problems
I can't open configuration tools such as draknet or DrakConf as a normal user. If I start them as super user, then they work fine. When I click the DrakConf icon as a normal user. I tried starting it from the command line, but couldn't get anything to happen - I get: execl() error, errno=13 If I start draknet, I get the kdesu dialogue box, then type in root's password, then... nothing. No error messages, nothing in syslog (except "session opened for root...session closed for root"). What's wrong with my system? tom
[expert] syslog playing up
Another problem: Recently the computer started freezing at startup unless I did the following: 1) start as single user 2) start syslog: # /etc/rc.d/init.d/syslog start 3) carry on the startup (ctrl-d) logrotate isn't working either - it complains: # logrotate /etc/logrotate.conf error: syslog:211 duplicate log entry for /var/log/syslog The two problems may be separate - logrotate hasn't been working for a while. tom
Re: [expert] syslog playing up
On Mon, Mar 05, 2001 at 01:06:49PM +0100, Matthias Grund wrote: Another problem: Recently the computer started freezing at startup unless I did the following: 1) start as single user 2) start syslog: # /etc/rc.d/init.d/syslog start 3) carry on the startup (ctrl-d) Change the priority at which syslogs starts to a higher one by moving Sxxsyslog to S11syslog for example. I'll try this, but I'm curious about why it's started doing this. I think that it might have something to do with my accidentally shutting down inetd in the belief that xinetd replaces it completely. When I saw the computer saying that it had shut down logging, I restarted inet. Since then, I've had problems. Any ideas anyone? tom
Re: [expert] Changing HD
I have tried the tar method: # cd /var # tar -cf - . ; (cd /var-new; tar xpf -) ... and got a load of warning messages to the effect of 'socket not copied' for some files belonging to amavis and postfix. Looking /usr/share/doc/tar-1.13.17/NEWS, I find that tar no longer archives sockets. I have tried cp -a, but there were a few problems there too. I will try again and see if I can nail the errors. This raises a question: I'm about to get into backup, probably to tape. I was going to use tar, but how can I backup partitions that may contain sockets? tom On Wed, Feb 28, 2001 at 09:34:10AM -0800, John Wolford wrote: 1. Throw in your second hard drive 2. Format it and mount it - you can use diskdrake for this. 3. Copy over your entire drive to it. Be sure to use the -a switch # cp -a / /mnt/newdrive assuming you mounted it at /mnt/newdrive 4. Pull your drives out and swap them over. 5. Make sure your new drive is working fully and nothing unexpected happens before you destroy the data on the old drive. Here's an old message i posted awhile back that pertains to moving /usr (might as well be moving /) that i posted awhile back - it was a summary of a bunch of messages on the subject. Maybe you will find it helpful. Date: Thu, 25 Jan 2001 14:07:23 -0800 (PST) From: John Wolford [EMAIL PROTECTED] | Block address | Add to Address Book To: [EMAIL PROTECTED] Reply-to: [EMAIL PROTECTED] Subject: [expert] Summary: How to move /usr to another partition Greetings again, Thanks for all the replies re: How to move /usr to another partition? It's nice to know that what i was working with SHOULD have worked, on principle. Here is a brief summary of the "How to move /usr to another partition?" thread. 1. Resize partition, using Partition Magic or some such thing. [this will only work if you actually have the appropriate space on the drive, of course] All of the following assume that /usr will be duplicated somehow onto /mnt/usr temporarily, then /etc/fstab will be updated to reflect the new location, reboot and presto, you are mounting the new /usr. 2. copy: # cp -a /usr /mnt 3. tarball: # tar cvf /mnt/usr.tar /usr # cd /mnt # tar xvfp usr.tar (Note that this method requires enough free space to hold not just mnt/usr but also /mnt/usr.tar) or # tar cf - /usr | ( cd /mnt ; tar xvfp - ) or # cd /mnt # tar cf - -C /usr | tar xvpf (Note that these last two methods of tarballing only require enough free space to hold /usr) Care must be taken to preserve relative links and file permissions if either 2 or 3 is to work. Soft links do not support spanning partitions or devices and will cause failures if this occurs. An aside: at the time that i was attempting this i was installing and re-installing on various drives on the same system. It MAY have been the case that i had a swap partition on the device that contained /usr and the device that contained the new /mnt/usr. If this were true, it could have caused some problems, i don't know. Thanks again, John --- C Nielsen [EMAIL PROTECTED] wrote: Hello from the frozen north; I'm planing to upgrade my harddisl from an 8gig to a 20 gig and was wondering how to move over to the new drive with little or no pain. I'm running Mandrake 7.2. thanx -- Linux Counter #188953 Linux Machine #85790 __ Do You Yahoo!? Get email at your own domain with Yahoo! Mail. http://personal.mail.yahoo.com/
Re: [expert] missing hd?
Attached are dmesg's from the two boots. I am having other problems with my primary hd, unsure if they're related. I originally bought a new motherboard due to DMA reset errors. I still get them if I try to switch DMA on, but at least the computer doesn't freeze anymore. I'm using an Abit KT7, so I'm downloading a new BIOS patch. That comes after fixing this hdd problem (fix problems one at a time); I think I might buy a new master hd before long anyway. I will try juggling the cdrom/hdd - cdrom/hdc and get back to the list. Note that windows sees hdd too (using fdisk of course, as with no windows partitions it isn't going to turn up as D:). tom On Sat, Feb 24, 2001 at 10:43:34AM -0700, Rusty Carruth wrote: "J . A . Magallon" [EMAIL PROTECTED] wrote: ... Lets look at this (perhaps I have too much coffe also, and all that comes is stupid). If your disk is the slave in the first ide channel, it should be named hdb. So I assume you have one other hd and a cdrom. Lets suppose: Your hds are on the IDE 1: hda (the old) and hdb (as you should see it) Your cdrom is at hcd (master at IDE 2). And if your bios swaps your ide channels when booting from cd at IDE 2, and hdb becomes hdd ? Well, after watching the 'thread' for a while, I've noticed the following things: 1 - arrangement seems to be: controller channel hdx comments 0 0 hda main drive as master 0 1 ? unknown 1 0 hdc cdrom as master 1 1 hdd hard drive as slave 2 - when booting one way (the install cd, I think) /dev/hdd seems to work 3 - when booting another way (off the installed system, I think) /dev/hdd seems to not work. Ok so I have a few questions and obvservations/theories: 1 - something is different between how the install sets things up and how the installed system sets them up (duh!), such that the hard drive is either at /dev/hdc, or something else strange. Would it be possible to see the dmesg's from the two boots? 2 - Rumor has it that hard drives don't like being slave to a cdrom drive, and/or that cdrom drives don't like to be master to a hard drive. Have you tried putting the 2nd hard drive as master over the cdrom or as slave to the first hard drive? (Assuming there is no hard drive there in hdb already! ;-) rc Rusty Carruth Email: [EMAIL PROTECTED] or [EMAIL PROTECTED] Voice: (480) 345-3621 SnailMail: Schlumberger ATE FAX: (480) 345-8793 7855 S. River Parkway, Suite 116 Ham: N7IKQ @ 146.82+,pl 162.2 Tempe, AZ 85284-1825 ICBM: 33 20' 44"N 111 53' 47"W Linux version 2.2.17-21mdk ([EMAIL PROTECTED]) (gcc version 2.95.3 19991030 (prerelease)) #1 Thu Oct 5 13:16:08 CEST 2000 Detected 800062 kHz processor. ide_setup: hdd=ide-scsi Console: colour VGA+ 80x25 Calibrating delay loop... 1595.80 BogoMIPS Memory: 127608k/131008k available (1136k kernel code, 416k reserved, 1720k data, 128k init, 0k bigmem) Dentry hash table entries: 16384 (order 5, 128k) Buffer cache hash table entries: 131072 (order 7, 512k) Page cache hash table entries: 32768 (order 5, 128k) VFS: Diskquotas version dquot_6.4.0 initialized CPU: L1 I Cache: 64K L1 D Cache: 64K CPU: L2 Cache: 256K CPU: AMD Athlon(tm) Processor stepping 02 Checking 386/387 coupling... OK, FPU using exception 16 error reporting. Checking 'hlt' instruction... OK. POSIX conformance testing by UNIFIX mtrr: v1.35a (19990819) Richard Gooch ([EMAIL PROTECTED]) PCI: PCI BIOS revision 2.10 entry at 0xfb430, last bus=1 PCI: Using configuration type 1 PCI: Probing PCI hardware Linux NET4.0 for Linux 2.2 Based upon Swansea University Computer Society NET3.039 NET4: Unix domain sockets 1.0 for Linux NET4.0. NET4: Linux TCP/IP 1.0 for NET4.0 IP Protocols: ICMP, UDP, TCP, IGMP TCP: Hash tables configured (ehash 131072 bhash 65536) Initializing RT netlink socket Starting kswapd v 1.5 Detected PS/2 Mouse Port. Serial driver version 4.27 with MANY_PORTS MULTIPORT SHARE_IRQ enabled ttyS00 at 0x03f8 (irq = 4) is a 16550A ttyS01 at 0x02f8 (irq = 3) is a 16550A pty: 256 Unix98 ptys configured apm: BIOS version 1.2 Flags 0x07 (Driver version 1.13) Real Time Clock Driver v1.09 RAM disk driver initialized: 16 RAM disks of 4096K size Uniform Multi-Platform E-IDE driver Revision: 6.30 ide: Assuming 33MHz system bus speed for PIO modes; override with idebus=xx VP_IDE: IDE controller on PCI bus 00 dev 39 VP_IDE: chipset revision 16 VP_IDE: not 100% native mode: will probe irqs later Split FIFO Configuration: 8 Primary buffers, threshold = 1/2 8 Second. buffers, threshold = 1/2 ide0: BM-DMA at 0xe000-0xe007, BIOS settings: hda:DMA, hdb:pio ide0: VIA Bus-Master (U)DMA Timing Config Success ide1: BM-DMA at 0xe008-0xe00f, BIOS settings: hdc:DMA, hdd:DMA ide1: VIA Bus-Master (U)DMA Timing
Re: [expert] msec,Bastille,firewalls et. al.
In addition to what seems to be a reasonably thorough security effort, try installing djbdns and kicking out BIND. Use postfix, not sendmail, disable telnet/ftp (but you know these last three). I had this idea for my network, what do people think: Using kernel 2.4, it should be far easier to implement a fairly tight application proxy firewall. You can redirect all packets going to a particular port number outside the network to a particular port number on your machine. Very useful. I need to be able to force all email through our system. There it can be scanned for viruses in both directions, stripped of bad attachments (e.g. vbs, if I so wish). If necessary and under strict circumstances, I can implement mail monitoring on a per-account basis. I can prevent staff mis-using the mail facilities for spamming. They can access another machine outside the network (e.g. telnet or ssh, then jump from there) or they can use a hotmail account, but they cannot send from the network. The same can be said for web browsing. I can force all http traffic through the web proxy. Not for purposes of filtering (it doesn't work), more because it optimises the dialup connection's bandwidth to proxy things, allows us to implement per-workstation monitoring (if necessary) and ACLs for browsing the internet. What do people think? Is this feasible using kernel 2.4? From my reading of articles on SecurityPortal it is, but I could be wrong. I have one more question: does NetFilter include user-based rules? I mean allow this user through, but not that one, log this user but not that one, if unusual traffic comes through, log the traffic *and* the user. This would be extremely useful and already exists in commercial firewalls. Oh - and to pre-empt anyone that is against the notion of monitoring users at work: I would be happy to argue in a separate thread, but not this one. But to be brief: The network belongs to a charity. We pay for dialup time at peak rate, so mis-using that is stealing from the charity. As for mail, all mail sent needs to be logged anyway. It is a document relating to clients of the charity and therefore falls under the Data Protection Act (United Kingdom) - they need to be able to ask to see all correspondance. Therefore all email will be logged. Lastly: the charity has a comparatively small budget. There have been problems from time to time with mis-use of resources. This will put a stop to that. Anyway, I'm not interested in all that. Technically speaking, how feasible is this under 2.4? tom
[expert] missing hd?
Noticing that I only have 54 megs left on my / partition, I decided to slot in a second hard drive on hdd and partition it up for /tmp /var and a second swap. I created new mount points: /tmp2 /var2 and formatted the hard drive using diskdrake. Problem: I accidentally left one of the drive's old partitions mounted. diskdrake moaned, so I unmounted and started again. Success. Then I restarted the machine into single user mode to transfer things across and re-name the mount points. Problem: hdd seems to have vanished. hdparm says: # /sbin/hdparm /dev/hdd /dev/hdd: Device not configured hdd is no longer visible in diskdrake, so I tried restarting off the cdrom to see if the install procedure could see the hard drive and its partitions. It can and I successfully deleted the old partitions. Then I restarted into standard boot-up - still no luck. I'm stumped! tom
Re: [expert] missing hd?
On Fri, Feb 23, 2001 at 03:07:32PM +, Arnoud de Jonge wrote: Noticing that I only have 54 megs left on my / partition, I decided to slot in a second hard drive on hdd and partition it up for /tmp /var and a second swap. I created new mount points: /tmp2 /var2 and formatted the hard drive using diskdrake. Problem: I accidentally left one of the drive's old partitions mounted. diskdrake moaned, so I unmounted and started again. Success. Then I restarted the machine into single user mode to transfer things across and re-name the mount points. Problem: hdd seems to have vanished. hdparm says: # /sbin/hdparm /dev/hdd /dev/hdd: Device not configured hdd is no longer visible in diskdrake, so I tried restarting off the cdrom to see if the install procedure could see the hard drive and its partitions. It can and I successfully deleted the old partitions. Then I restarted into standard boot-up - still no luck. I'm stumped! Check if /dev/hdd still exists. If it is gone you'll have to recreate it. I have no access to a Linux box right now, so I can't tell you how right now. Thanks for the quick response, but /dev/hdd (and /dev/hdd1-16) all exist, and they have the same modification dates /mod settings as all of the other /dev/hd? drives. Still stumped! tom
Re: [expert] missing hd?
On Fri, Feb 23, 2001 at 09:51:27AM -0800, Ron Heron wrote: Try #fdisk -l /dev/hdd This should paint a good picture for you of what the problem is. #fdisk -l /dev/hdd - gives no response (just a new cmd prompt) #fdisk /dev/hdd gives: Unable to open /dev/hdd --- Tom Strickland [EMAIL PROTECTED] wrote: On Fri, Feb 23, 2001 at 03:07:32PM +, Arnoud de Jonge wrote: Noticing that I only have 54 megs left on my / partition, I decided to slot in a second hard drive on hdd and partition it up for /tmp /var and a second swap. I created new mount points: /tmp2 /var2 and formatted the hard drive using diskdrake. Problem: I accidentally left one of the drive's old partitions mounted. diskdrake moaned, so I unmounted and started again. Success. Then I restarted the machine into single user mode to transfer things across and re-name the mount points. Problem: hdd seems to have vanished. hdparm says: # /sbin/hdparm /dev/hdd /dev/hdd: Device not configured hdd is no longer visible in diskdrake, so I tried restarting off the cdrom to see if the install procedure could see the hard drive and its partitions. It can and I successfully deleted the old partitions. Then I restarted into standard boot-up - still no luck. I'm stumped! Check if /dev/hdd still exists. If it is gone you'll have to recreate it. I have no access to a Linux box right now, so I can't tell you how right now. Thanks for the quick response, but /dev/hdd (and /dev/hdd1-16) all exist, and they have the same modification dates /mod settings as all of the other /dev/hd? drives.
Re: [expert] missing hd?
On Fri, Feb 23, 2001 at 11:43:27AM -0800, Ron Heron wrote: hmmm, are you sure it's on hdd? hdd is the slave of the first ide slot. If fdisk says no response, then it is truly missing! how many beers did you have when you did this? :) Ah - if only I could ascribe this to beer! Too much coffee perhaps... anyway, as I've already stated, if I restart from the installer cd-rom and use diskdrake from there as part of the installation procedure, I can see hdd with no problem. I even went back in and re-created the partitions in the hope of shaking the system into shape. Nope - still 'no hdd' in my normal bootup. I am puzzled. --- Tom Strickland [EMAIL PROTECTED] wrote: On Fri, Feb 23, 2001 at 09:51:27AM -0800, Ron Heron wrote: Try #fdisk -l /dev/hdd This should paint a good picture for you of what the problem is. #fdisk -l /dev/hdd - gives no response (just a new cmd prompt) #fdisk /dev/hdd gives: Unable to open /dev/hdd --- Tom Strickland [EMAIL PROTECTED] wrote: On Fri, Feb 23, 2001 at 03:07:32PM +, Arnoud de Jonge wrote: Noticing that I only have 54 megs left on my / partition, I decided to slot in a second hard drive on hdd and partition it up for /tmp /var and a second swap. I created new mount points: /tmp2 /var2 and formatted the hard drive using diskdrake. Problem: I accidentally left one of the drive's old partitions mounted. diskdrake moaned, so I unmounted and started again. Success. Then I restarted the machine into single user mode to transfer things across and re-name the mount points. Problem: hdd seems to have vanished. hdparm says: # /sbin/hdparm /dev/hdd /dev/hdd: Device not configured hdd is no longer visible in diskdrake, so I tried restarting off the cdrom to see if the install procedure could see the hard drive and its partitions. It can and I successfully deleted the old partitions. Then I restarted into standard boot-up - still no luck. I'm stumped! Check if /dev/hdd still exists. If it is gone you'll have to recreate it. I have no access to a Linux box right now, so I can't tell you how right now. Thanks for the quick response, but /dev/hdd (and /dev/hdd1-16) all exist, and they have the same modification dates /mod settings as all of the other /dev/hd? drives. = ^C quit :q exit ? help shit __ Do You Yahoo!? Yahoo! Auctions - Buy the things you want at great prices! http://auctions.yahoo.com/
Re: [expert] missing hd?
On Fri, Feb 23, 2001 at 03:06:56PM -0800, Ron Heron wrote: Tom, can you send me your /var/log/kernel/info file? This is extremely puzzling. What's the ouput of #mount -a ? more info: when I try to mount /dev/hdd1, I get: #mount -t ext2 /dev/hdd1 /tmp/td mount: /tmp/td is not a valid block device ?? I tried restarting to a rescue mode on the cdrom. There I found that I can mount /dev/hdd1. I can also run /sbin/hdparm on it: the info thus gleaned follows: #hdparm /dev/hdd /dev/hdd: multcount= 0 (off) I/O support = 0 (default 16-bit) unmaskirq= 0 (off) using_dma= 0 (off) keepsettings = 0 (off) nowerr = 0 (off) readonly = 0 (off) readahead= 8 (on) geometry = 4092/16/63, sectors = 4124736, start = 0 #/sbin/hdparm -I /dev/hdd /dev/hdd: Model=TS2321A2, FwRev=.024, SerialNo= JG9M8289 Config={ HardSect NotMFM HdSw15uSec Fixed DTR10Mbs RotSpdTol.5% } RawCHS=4092/16/63, TrkSize=0, SectSize=0, ECCbytes=4 BuffType=unknown, BuffSize=0kB, MaxMultSect=16, MultSect=off CurCHS=4092/16/63, CurSects=4124736, LBA=yes, LBAsects=4124736 IORDY=on/off, tPIO={min:383,w/IORDY:120}, tDMA={min:120,rec:120} PIO modes: pio0 pio1 pio3 pio4 DMA modes: mdma0 mdma1 mdma2 udma0 udma1 *udma2 I am confused! --- Tom Strickland [EMAIL PROTECTED] wrote: On Fri, Feb 23, 2001 at 11:43:27AM -0800, Ron Heron wrote: hmmm, are you sure it's on hdd? hdd is the slave of the first ide slot. If fdisk says no response, then it is truly missing! how many beers did you have when you did this? :) Ah - if only I could ascribe this to beer! Too much coffee perhaps... anyway, as I've already stated, if I restart from the installer cd-rom and use diskdrake from there as part of the installation procedure, I can see hdd with no problem. I even went back in and re-created the partitions in the hope of shaking the system into shape. Nope - still 'no hdd' in my normal bootup. I am puzzled. --- Tom Strickland [EMAIL PROTECTED] wrote: On Fri, Feb 23, 2001 at 09:51:27AM -0800, Ron Heron wrote: Try #fdisk -l /dev/hdd This should paint a good picture for you of what the problem is. #fdisk -l /dev/hdd - gives no response (just a new cmd prompt) #fdisk /dev/hdd gives: Unable to open /dev/hdd --- Tom Strickland [EMAIL PROTECTED] wrote: On Fri, Feb 23, 2001 at 03:07:32PM +, Arnoud de Jonge wrote: Noticing that I only have 54 megs left on my / partition, I decided to slot in a second hard drive on hdd and partition it up for /tmp /var and a second swap. I created new mount points: /tmp2 /var2 and formatted the hard drive using diskdrake. Problem: I accidentally left one of the drive's old partitions mounted. diskdrake moaned, so I unmounted and started again. Success. Then I restarted the machine into single user mode to transfer things across and re-name the mount points. Problem: hdd seems to have vanished. hdparm says: # /sbin/hdparm /dev/hdd /dev/hdd: Device not configured hdd is no longer visible in diskdrake, so I tried restarting off the cdrom to see if the install procedure could see the hard drive and its partitions. It can and I successfully deleted the old partitions. Then I restarted into standard boot-up - still no luck. I'm stumped! Check if /dev/hdd still exists. If it is gone you'll have to recreate it. I have no access to a Linux box right now, so I can't tell you how right now. Thanks for the quick response, but /dev/hdd (and /dev/hdd1-16) all exist, and they have the same modification dates /mod settings as all of the other /dev/hd? drives. = ^C quit :q exit ? help shit __ Do You Yahoo!? Yahoo! Auctions - Buy the things you want at great prices! http://auctions.yahoo.com/ = ^C quit :q exit ? help shit __ Do You Yahoo!? Yahoo! Auctions - Buy the things you want at great prices! http://auctions.yahoo.com/
Re: [expert] missing hd?
On Sat, Feb 24, 2001 at 02:26:24AM +0100, J . A . Magallon wrote: On 02.24 Tom Strickland wrote: On Fri, Feb 23, 2001 at 11:43:27AM -0800, Ron Heron wrote: hmmm, are you sure it's on hdd? hdd is the slave of the first ide slot. AFAIK, hdd is the slave in the SECOND ide channel... It's definitely hdd, plugged in as slave to the master of the 2nd ide chain (the cdrom). tom
Re: [expert] Fwd: rpm problems
What does # rpm --rebuilddb do? Civileme I should have mentioned that I have already tried this. [root@lyra tom]# updatedb [root@lura tom]# rpm --rebuilddb Further checks on the rpm database reveal that some of the packages that I recently updated using MandrakeUpdate seem to be duplicated in the database: tcsh cups ... I'm not sure about any others... tom _ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. Keep in touch with http://mandrakeforum.com: Subscribe the "[EMAIL PROTECTED]" mailing list.
[expert] Fwd: rpm problems
I have been having problems getting rpm to work on mdk 7.2. At the moment, when I try to upgrade cups by downloading the rpm, I get: [root@lyra mdk7.2_updates]# rpm -Uvh cups-1.1.4-7.1mdk.i586.rpm cups# error getting record /bin/sh from //var/lib/rpm/requiredby.rpm error getting record /bin/sh from //var/lib/rpm/requiredby.rpm then cups appears to have installed correctly, but there are 2 copies: [root@lyra mdk7.2_updates]# rpm -q cups cups-1.1.4-3mdk cups-1.1.4-7.1mdk ?? What's wrong with my setup ?? Furthermore, when I fire up MandrakeUpdate (problems there, too - see below), and try to update a package, I get complaints of an incorrectly signed package or faulty gnupg setup. 2nd problem (related?): when I try to start MandrakeUpdate or DrakConf from the desktop, nothing happens. When I try to start them from the command-line: [tom@lyra tom]$ /usr/X11R6/bin/DrakConf execl() error, errno=13 Now, I assume that you're supposed to execute DrakConf.real, because that seems to work, but why won't clicking the desktop icon work? Anyway, the main question remains the rpm database... can anyone help? Thanks, Tom _ Get more from the Web. FREE MSN Explorer download : http://explorer.msn.com Keep in touch with http://mandrakeforum.com: Subscribe the "[EMAIL PROTECTED]" mailing list.
Re: [expert] will pci hardware modems work under kernel 2.4?
Thanks for all the replies. Thanks for setting me straight over serial ports too. Wish I could remember where I read it... Anyway, I'll use the 'Linux/Modem Compatibility Knowledge Base' at the 'Winmodems are not modems' site: http://www.kcdata.com/~gromitkc/winmodem.html to find a decent PCI modem. Thanks in particular to Sarang Lakare - exactly the info I was after! Another guy sent me to this website, which contains excellent technical tips on tuning modems: http://www.greencis.net/~ibi/mod.htm Thanks to all Tom _ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. Share information about yourself, create your own public profile at http://profiles.msn.com. Keep in touch with http://mandrakeforum.com: Subscribe the "[EMAIL PROTECTED]" mailing list.
Re: [expert] will pci hardware modems work under kernel 2.4?
tom strickland wrote: tomtell him to buy an external serial modem (not usb). No! Soon it will be difficult to buy motherboards with ISA slots. No ISA slot - no ISA bus - no serial port. I need a future proof modem, as he will be upgrading his computer within the year. Personally, I would go for external (serial) and keep my current linux box as a gateway/masquarading/firewall box for the house network - but that's just me. My friend needs a PCI or USB modem that works under Linux. I know that PCI modems are more difficult to get working under linux (check out http://serial.sourceforge.net), and that things might get better under 2.4. Hence the question. Thanks for all the suggestions for known working pci modems (and the serial ones too), but: a) it can be harder to get hold of these in the UK, with different model numbers, etc b) I am curious about the more general issue of pci modems under kernel 2.4 thanks, tom _ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. Share information about yourself, create your own public profile at http://profiles.msn.com. Keep in touch with http://mandrakeforum.com: Subscribe the "[EMAIL PROTECTED]" mailing list.
[expert] will pci hardware modems work under kernel 2.4?
My friend is about to buy a modem, and he'd like it to be compatible with linux. Buying PCI would be more futureproof than isa or serial. I know that winmodems don't work under linux - most software modems in other words. I know that pci modems don't work on linux at the moment (not without fiddling, and then only some), but will they work under kernel 2.4? thanks, tom _ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. Share information about yourself, create your own public profile at http://profiles.msn.com. Keep in touch with http://mandrakeforum.com: Subscribe the "[EMAIL PROTECTED]" mailing list.
Re: [expert] Re: tracking employees
snip What you need to do is this: Draft up a 'charter' for the use of the Internet within the company. Make sure that this charter contains clauses such as "All Internet resources are to be used for Company businss only", "The Company reserves the right to monitor any and all Internet traffic to and from the Company's site", "All e-mails to or from the Company's network are the property of the Company", and "Failure to adhere to these clauses may result in disciplinary action - serious breaches may result in the employee's dismissal". Issue a copy of this charter to any employees who may use the system, and have them sign and return it to you. You may wish to make this charter part of the employee's contract of employment - many companies do in the UK. This is exactly what I had in mind. As I've already made clear, I have a much bigger problem with companies that don't clarify things in this way, allowing the company to gather data on their (admittedly naive) employees. I will make sure that everyone understands the situation - as you say, most will understand once things are explained. Although some people talk of posting such logs on Company Intranet sites, etc., this can sometimes be more trouble than it is worth. Say for example, an employee logs into a child pornography site - do you really want that appearing to all your employees at your site, or would you rather just quietly gather the information/evidence that you need in order to assist the police in prosecution? Also, by publishing the logs, people can not only see what you are logging, but more importantly, they can see what you are NOT logging. Good point, I'll have to think about this. Another aspect to consider is this. I did not have time to check all the logs, all the time. I was often working over ninety hours a week as it was - I was responsible for a WAN that covered sites up to 200 miles away, and was on call 24/7. So, I set up a random schedule of checking a particular set of logs for a week or so, then changing to a different set, etc. I also allowed rumors to spread that I was logging/monitoring more than I really was... One problem: I have tried to set the network up to run as autonomously as possible. The logging has to be accessible to the Director, rather than myself, and possibly maintained by the information officer, so I do need a script to publish to the intranet or email the logs in some form. Perhaps a collation utility as well, to view monthly stats. I see your point when it comes to staff being able to find holes in the logging system, but without me being around to remind them that 'I can see you', they may forget. Everyone being able to see everyone will ensure that *no-one* forgets. Anyway, the original post was more a question as to how to set this up inside the computer, rather than office protocol. I'm interested in scripts to monitor the traffic across a PPP connection, perhaps collate them and display them on the web. Any ideas? Thanks, Tom Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com
[expert] tracking network users' browsing of the web
I run a network for a charity (MIND in the UK), Win98 clients served by Linux-Mandrake, with a dialup Internet connection. We are about to open up the access to the internet, but my boss wants to be able to track what people browse. I came up with the plan of publishing a user's browsing logs on the intranet, so that the staff can see what is being browsed. Thus it's not just the director keeping an eye on people, but every member of staff, and the director doesn't escape scrutiny. We need to do it to keep the phone bill down (no personal browsing). My problem is this: how do I keep a log of what pages people are browsing? Any ideas? Thanks, Tom Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com
[expert] Re: tracking employees
snip Since company time is an issue, you might want to consider blocking sports sites, chat rooms, games, and maybe even porn sites. People are human and it wouldn't be the first time an employee had a little fun on company time. Then, if you still want to track them set an invisible cookie that can't be disabled in the browser. Blocking software tends to either miss things that should be blocked or blocks the wrong things, so I'm trying to avoid that. I'm curious about English law and not trying to insult you or start a flame war. I'm in the US and am sure we have privacy groups that would complain loudly about tracking an employee's viewing habits unless it was porn. What is your countries policy on tracking employee web surfing? I feel much the same way. The principle problem is money - it still costs a great deal to connect an office to the internet during the day through dialup. We really need to keep costs down and the Internet will only push them up. If we had a permanent connection to the Internet, I would feel worse about doing this, but I don't see any other way of going about it. I agree with you in spirit about the privacy principle, but don't see how it can be reconciled with the fact that employees shouldn't be using company time for ANY personal browsing. A clear privacy policy will be drawn up. There are other situations that would make me feel more uncomfortable: 1) Tracking employees, not telling (or reminding) them of this and using this tracking to deduce private information, such as political affiliation, sexual orientation... 2) Tracking of people online in a more general way. I'm worried about a possible employer being able to buy information about my browsing habits from the internet tracking firms, such as DoubleClick. I hasten to add that I think that there are much worse people than DoubleClick out there, possibly because DoubleClick are most in the public glare. In short, I think that there is no enshrined right of privacy over here, but I don't think that one exists in the US either. If anything, the European Union is doing more to solve this, with privacy regulation that would cover this and, more importantly, case (2) above. tom Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com
Re: [expert] tracking network users' browsing of the web
I use nacctd and a perl tool that comes with it. It gives the date/time, the workstation's name and the site's name. I run a cron job nightly that emails this info to myself and my boss, you could just as easily put it on a web page. Stew Benedict Thanks Stew, I'll take a look at it. Tom Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com
[expert] how do I switch DMA off?
OK - I accidentally allowed the install of 7.1 to enable DMA on a machine whose BIOS doesn't support it. Of course I'm getting crashes - luckily no data loss so far. I tried using hdparm to disable dma, bith on normal login and single user login, but each time the system freezes, and the next time that I start up, I get a kernel panic - I have to power cycle the machine. I also tried manipulating it using Webmin. I didn't think that it would work, and it didn't: another freeze. When the system does freeze normally (i.e. when I'm not trying to fix the DMA) it complains (can't exactly remember the message, but it leads to DMA being switched off by the system). What am I doing wrong? Thanks in advance, Tom Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com